Make form-not-secure controllable as its own separate Finch feature

components/security_state/core/security_state.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_H_
 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_H_
 
 #include <stdint.h>
 #include <memory>
 
 #include "base/callback.h"
+#include "base/feature_list.h"
 #include "base/macros.h"
 #include "net/cert/cert_status_flags.h"
 #include "net/cert/sct_status_flags.h"
 #include "net/cert/x509_certificate.h"
 #include "url/gurl.h"
 
 // Provides helper methods and data types that are used to determine the
 // high-level security information about a page or request.
 //
 // SecurityInfo is the main data structure, describing a page's or request's
 // security state. It is computed by the platform-independent GetSecurityInfo()
 // helper method, which receives platform-specific inputs from its callers in
 // the form of a VisibleSecurityState struct.
 namespace security_state {
 
+// A feature for showing a warning in autofill dropdowns for password
+// and credit cards fields on HTTP pages.

[elawrence, 2016/12/19 20:11:46]

Is this about "HTTP pages" or "non-secure contexts"? E.g. if I have an
FTP-served page, what happens? What about a HTTPS page with active mixed
content?

[estark, 2016/12/19 20:49:45]

Changed to "when the top-level page is not HTTPS" which describes pretty much
exactly what we do.

+extern const base::Feature kHttpFormWarningFeature;
+
 // Describes the overall security state of the page.
 //
 // If you reorder, add, or delete values from this enum, you must also
 // update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel.
 //
 // A Java counterpart will be generated for this enum.
 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.components.security_state
 // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel
 enum SecurityLevel {
   // HTTP/no URL/HTTPS but with insecure passive content on the page.
@@ skipping 172 matching lines @@
 // |used_policy_installed_certificate| indicates whether the page or request
 // is known to be loaded with a certificate installed by the system admin.
 // |is_origin_secure_callback| determines whether a URL's origin should be
 // considered secure.
 void GetSecurityInfo(
     std::unique_ptr<VisibleSecurityState> visible_security_state,
     bool used_policy_installed_certificate,
     IsOriginSecureCallback is_origin_secure_callback,
     SecurityInfo* result);
 
+// Returns true if an experimental form warning about HTTP passwords and

[elawrence, 2016/12/19 20:11:46]

Should we be explicit that this is a "warning UI" as opposed to some other
method of warning (e.g. dev console)?

[estark, 2016/12/19 20:49:45]

Done.

+// credit cards is enabled. This warning can be enabled with the flag
+// --mark-non-secure-as=show-non-secure-passwords-cc-chip-and-form-warning

[elawrence, 2016/12/19 20:11:46]

Is the "show-non-secure-passwords-cc-chip-and-form-warning" value still
supported? The change in the subsequent file
(https://codereview.chromium.org/2588133002/diff/1/components/security_state/c...)
and switches.h makes me think it's not?

[estark, 2016/12/19 20:49:45]

No, forgot to update this comment. Fixed.

+// or with the field trial Feature API.
+bool IsHttpWarningInFormEnabled();
+
 }  // namespace security_state
 
 #endif  // COMPONENTS_SECURITY_STATE_SECURITY_STATE_H_